The XDirectory Service (XDRS) is currently running on
rainier on 2020. It's
init script is located at /etc/init.d/xdrs.
The XDirectory Service runs as user apadmin,
and the /u/apadmin/bin/xdrs_start.sh script
is called by the init script to start the service. Note: to
change the port number on which this service runs, or any other
small changes, one can simply modify xdrs_start.sh as user apadmin.

On rainier, with sudo privileges, one can start XDRS with:
sudo /etc/init.d/xdrs start. Similarly, one
can stop, restart, and
check the status of XDRS. XDRS will also
start up automatically whenever rainier boots.

XDRS uses a copy of rainier's grid host certificate and key
which are stored in /etc/grid-security/xdrs/host{cert,key}.pem. The host
key is unencrypted and is only readable by user apadmin.

The XDirectory Service (XDRS) is currently running in non
secure mode on rainier on port 8047. It's init script is located at /etc/init.d/xdrs-nosec. The XDirectory Service runs as
user apadmin, and the /u/apadmin/bin/xdrs-nosec_start.sh script is called by
the init script to start the service. Note: to change the port
number on which this service runs, or any other small changes,
one can simply modify xdrs-nosec_start.sh as
user apadmin.

On rainier, with sudo privileges, one can start XDRS with:
sudo /etc/init.d/xdrs-nosec start. Similarly,
one can stop, restart,
and check the status of XDRS. XDRS will also
start up automatically whenever rainier boots.

We have created a set of test user certificates which have
been loaded directly into the myproxy repository. After generating the certificate and
key for the test user (be sure to use the password of "temp"
for the userkey), issue the following commands as root on rainier
(where the MyProxy repository resides):

For GRID pass phrase enter "temp" or whatever temporary
password you used when creating the certificate and key. The -l
option specifies the username in the MyProxy repository; set this
and the MyProxy pass phrase as you see fit.

Here is a current list of test user proxies with user names
and passwords. Note that these are all within the IUCS
Certificate Authority and that the username and password apply to
their MyProxy username and password.

The Alliance Portal is deployed under the home
account of apadmin on linbox1. Here is the directory structure of ~/portal:

alliance: home of current deployment

current: link to Jakarta Tomcat home in
current deployment

The current deployment is a modification of the latest OGCE
CVS code. The modifications are stored under portal/current/alliance-nmi. The following is a list
of some of the files with modifications differing from stock OGCE
CVS:

nmi_resources.properties

nmi_mysql_resources.properties

ctng_skins.xreg

default.css

various image files

If changes are made to any of these files, it will be
necessary to redeploy CHEF. Here are the steps:

Shutdown Tomcat

Run ant prepare.config in the portal/current/alliance-nmi directory.

Run ant deploy.mysql in the portal/current/chef-1.0.7 directory.

Run ant deploy in the portal/current/alliance-nmi directory.

Start Tomcat

You can deploy individual components as usual, just remember
to shutdown Tomcat first.

This deployment is back-ended by MySQL. See the build.properties file in the chef directory for
details.

See the init script /etc/init.d/tomcat. It
calls the commands ~apadmin/bin/tcstart.sh
and ~apadmin/bin/tcstop.sh when starting and
stopping tomcat. See these files for more information. The
catalina.out and chef.log file are on a
log rotation schedule, see ~apadmin/etc/linbox1.logrotate.conf and ~apadmin/etc/linbox1.crontab.

The LEAD Portal is deployed on lead under /home/lead-portal and
executed as user apadmin.

The current deployment is a modification of the latest OGCE
CVS code. The modifications are stored under /home/lead-portal/lead-nmi (PORTAL_HOME). The
following is a list of some of the files with modifications
differing from stock OGCE CVS:

nmi_mysql_resources.properties

ctng_skins.xreg

default.css

various image files

If changes are made to any of these files, it will be
necessary to redeploy CHEF. Here are the steps:

Shutdown Tomcat

Run ant prepare.config in the PORTAL_HOME/lead-nmi directory.

Run ant deploy.mysql in the PORTAL_HOME/chef-1.0.7 directory.

Run ant deploy in the PORTAL_HOME/lead-nmi directory.

Start Tomcat

You can deploy individual components as usual, just remember
to shutdown Tomcat first.

This deployment is back-ended by MySQL. See the build.properties file in the chef directory for
details.

See the init script /etc/init.d/tomcat. It
calls the commands PORTAL_HOME/bin/tcstart.sh
and PORTAL_HOME/bin/tcstop.sh when starting
and stopping tomcat. See these files for more information.

NOTE: The LEAD Portal is currently restarted each Sunday
at 3:30 am to prevent degradation.

The development portal is installed under the ~/portal directory of user apadmin. The symlink ~/portal/dev points to the
Jakarta Tomcat home of the current development portal. Use the dev symlink to determine which directory under ~/portal contains the development portal. The
development portal is available here http://portal.extreme.indiana.edu:10081/nmi.

Currently, the development portal consists of OGCE CVS snapshots
with locally developed portlets added. To update the development
portal to a more recent snapshot, as user apadmin do the following:

Create the snapshot (cvs -d
username@cvs.ogce.org export -r HEAD portal) and deploy it
following the standard procedure.

Stop the development portal. See notes in the next
paragraph.

Update the dev symlink to point to the new
Jakarta Tomcat home.

Start the development portal. See notes in the next
paragraph.

See the init script /etc/init.d/tomcat-dev. It
calls the commands PORTAL_HOME/bin/tcdevstart.sh
and PORTAL_HOME/bin/tcdevstop.sh when starting
and stopping tomcat. See these files for more information. To
start/shutdown the development portal, as root do service tomcat-dev [start|stop], or as user apadmin do tcdevstart.sh or tcdevstop.sh to stop it. The
catalina.out and chef.log file are on a
log rotation schedule, see ~apadmin/etc/linbox1.logrotate.conf and ~apadmin/etc/linbox1.crontab.

[APADMIN@linbox1 apadmin]# keytool -genkey -alias tomcat -keyalg
RSA -validity 365
Enter keystore password: changeit
What is your first and last name?
[Unknown]: portal.extreme.indiana.edu
What is the name of your organizational unit?
[Unknown]: Indiana University
What is the name of your organization?
[Unknown]: Extreme Lab
What is the name of your City or Locality?
[Unknown]:
What is the name of your State or Province?
[Unknown]:
What is the two-letter country code for this unit?
[Unknown]:
Is CN=portal.extreme.indiana.edu, OU=Indiana University, O=Extreme
Lab, L=Unknown, ST=Unknown, C=Unknown correct?
[no]: yes
Enter key password for <tomcat>
(RETURN if same as keystore password):

Note that we set the validity to 365 days, giving us a
certificate good for a year. Also note that for the key password
we just hit RETURN so it is the same as the keystore
password.